๐ณ๐ฑ
Site.eu
2026-06-05 18:09:44
(3 weeks ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-06-05 15:07:09
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 11:07:03.181626 2026] [security2:error] [pid 21067:tid 21067] [client 185.190.132.14:59510] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.14 (+1 hits since last alert)|kildarafarms.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kildarafarms.com"] [uri "/xmlrpc.php"] [unique_id "aiLmFx3V4eQXQ89FGHrNygAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-05 14:05:48
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 10:05:39.358653 2026] [security2:error] [pid 18112:tid 18112] [client 185.190.132.14:54624] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.14 (+1 hits since last alert)|hertzan.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hertzan.com"] [uri "/xmlrpc.php"] [unique_id "aiLXs6NNL5bEcUDgn1DQAAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-05 13:13:17
(3 weeks ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-03 20:57:35
(4 weeks ago)
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 16:57:27.328830 2026] [security2:error] [pid 30414:tid 30414] [client 185.190.132.14:52054] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.14 (+1 hits since last alert)|incrp.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "incrp.org"] [uri "/xmlrpc.php"] [unique_id "aiCVN7cvXp467eXkLmvc0wAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
cwytech
2026-06-03 20:22:43
(4 weeks ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wp-us-login-only-high.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 18:53:32
(4 weeks ago)
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 14:53:27.629080 2026] [security2:error] [pid 4517:tid 4517] [client 185.190.132.14:56094] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.14 (+1 hits since last alert)|lasertherapyoc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lasertherapyoc.com"] [uri "/xmlrpc.php"] [unique_id "aiB4J6sXE8QnMk_SjFcOVQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-02 19:07:11
(4 weeks ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-01 20:41:50
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:41:44.317058 2026] [security2:error] [pid 20534:tid 20534] [client 185.190.132.14:64157] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.14 (+1 hits since last alert)|illumoonatedtarot.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "illumoonatedtarot.com"] [uri "/xmlrpc.php"] [unique_id "ah3uiP18p2_a8BeINlyu0gAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-01 15:47:25
(1 month ago)
Attac
Brute-Force
๐ณ๐ฑ
Site.eu
2026-05-31 19:43:04
(1 month ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-05-31 17:01:03
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 185.190.132.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 13:00:57.776215 2026] [security2:error] [pid 28053:tid 28053] [client 185.190.132.14:55013] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.190.132.14 (+1 hits since last alert)|ussthresher.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ussthresher.com"] [uri "/xmlrpc.php"] [unique_id "ahxpSR8xkFhulyXXWdLi8wAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-31 15:28:18
(1 month ago)
Attac
Brute-Force
๐ณ๐ฑ
Site.eu
2026-05-28 18:58:36
(1 month ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ณ๐ฑ
debestelapp
2026-05-28 18:40:06
(1 month ago)
Web App Attack